CVE-2024-36047
Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input Validation.
CVE-2025-1741
A vulnerability classified as problematic was found in b1gMail up to 7.4.1-pl1. Affected by this vulnerability is an unknown functionality of the file src/admin/users.php of the component Admin Page. The manipulation of the argument query/q…
CVE-2025-0514
Improper Input Validation vulnerability in The Document Foundation LibreOffice allows Windows Executable hyperlink targets to be executed unconditionally on activation.This issue affects LibreOffice: from 24.8 before < 24.8.5.
CVE-2025-1556
A vulnerability, which was classified as problematic, has been found in westboy CicadasCMS 1.0. This issue affects some unknown processing of the file /system of the component Template Management. The manipulation leads to deserialization.…
CVE-2024-13798
The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 2.3.5. This is due to insufficient verification on form fields. This makes it possible…
CVE-2024-4028
A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Resource and Permissions) from the admin console, leading to a stored cross-site scripting…
CVE-2024-13691
The Uncode theme for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'uncode_recordMedia' function in all versions up to, and including, 2.9.1.6. This makes it possible for authenticated attackers,…
CVE-2024-13681
The Uncode theme for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'uncode_admin_get_oembed' function in all versions up to, and including, 2.9.1.6. This makes it possible for unauthenticated att…
CVE-2025-0424
In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple authenticated stored cross-site scripting vulnerabilities. An authenticated attacker is able to compromise the sessions of other users…
CVE-2025-0423
In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple unauthenticated stored cross-site scripting vulnerabilities. An unauthenticated attacker is able to compromise the sessions of users o…
CVE-2025-0422
An authenticated user in the "bestinformed Web" application can execute commands on the underlying server running the application. (Remote Code Execution) For this, the user must be able to create "ScriptVars" with the type „script" and pre…
CVE-2025-0178
Improper Input Validation vulnerability in WatchGuard Fireware OS allows an attacker to manipulate the value of the HTTP Host header in requests sent to the Web UI. An attacker could exploit this vulnerability to redirect users to malicious…
CVE-2025-0816
CWE-20: Improper Input Validation vulnerability exists that could cause Denial-of-Service of the
product when malicious IPV6 packets are sent to the device.
CVE-2025-0815
CWE-20: Improper Input Validation vulnerability exists that could cause Denial-of-Service of the
product when malicious ICMPV6 packets are sent to the device.
CVE-2025-0814
CWE-20: Improper Input Validation vulnerability exists that could cause Denial-of-Service of the network
services running on the product when malicious IEC61850-MMS packets are sent to the device. The core
functionality of the breaker remai…
CVE-2024-10083
CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of engineering
workstation when specific driver interface is invoked locally by an authenticated user with crafted input.
CVE-2024-42410
Improper input validation in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-39606
Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software for Windows before version 23.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2024-38307
Improper input validation in the firmware for some Intel(R) AMT and Intel(R) Standard Manageability may allow an authenticated user to potentially enable denial of service via network access.
CVE-2024-31153
Improper input validation for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable denial of service via local access.